org.springframework.security.acls.model.Acl类的使用及代码示例
本文整理了Java中org.springframework.security.acls.model.Acl类的一些代码示例,展示了Acl类的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。Acl类的具体详情如下:
包路径:org.springframework.security.acls.model.Acl
类名称:Acl
Acl介绍
[英]Represents an access control list (ACL) for a domain object.
An Acl represents all ACL entries for a given domain object. In order to avoid needing references to the domain object itself, this interface handles indirection between a domain object and an ACL object identity via the org.springframework.security.acls.model.ObjectIdentity interface.
Implementing classes may elect to return instances that represent org.springframework.security.acls.model.Permission information for either some OR all org.springframework.security.acls.model.Sid instances. Therefore, an instance may NOT necessarily contain ALL Sids for a given domain object.
[中]表示域对象的访问控制列表(ACL)。
Acl表示给定域对象的所有Acl条目。为了避免需要引用域对象本身,此接口通过组织处理域对象和ACL对象标识之间的间接寻址。springframework。安全ACL。模型对象性接口。
实现类可以选择返回表示组织的实例。springframework。安全ACL。模型部分或全部组织的权限信息。springframework。安全ACL。模型Sid实例。因此,实例不一定包含给定域对象的所有SID。
代码示例
代码示例来源:origin: spring-projects/spring-security
private boolean checkPermission(Authentication authentication, ObjectIdentity oid,
Object permission) {
// Obtain the SIDs applicable to the principal
List<Sid> sids = sidRetrievalStrategy.getSids(authentication);
List<Permission> requiredPermission = resolvePermission(permission);
final boolean debug = logger.isDebugEnabled();
if (debug) {
logger.debug("Checking permission '" + permission + "' for object '" + oid
+ "'");
}
try {
// Lookup only ACLs for SIDs we're interested in
Acl acl = aclService.readAclById(oid, sids);
if (acl.isGranted(requiredPermission, sids, false)) {
if (debug) {
logger.debug("Access is granted");
}
return true;
}
if (debug) {
logger.debug("Returning false - ACLs returned, but insufficient permissions for this principal");
}
}
catch (NotFoundException nfe) {
if (debug) {
logger.debug("Returning false - no ACLs apply for this principal");
}
}
return false;
}代码示例来源:origin: spring-projects/spring-security
boolean administrativeMode) throws NotFoundException {
final List<AccessControlEntry> aces = acl.getEntries();
if (acl.isEntriesInheriting() && (acl.getParentAcl() != null)) {
return acl.getParentAcl().isGranted(permission, sids, false);代码示例来源:origin: spring-projects/spring-security
@Override
public String toString() {
StringBuilder sb = new StringBuilder();
sb.append("AclImpl[");
sb.append("id: ").append(this.id).append("; ");
sb.append("objectIdentity: ").append(this.objectIdentity).append("; ");
sb.append("owner: ").append(this.owner).append("; ");
int count = 0;
for (AccessControlEntry ace : aces) {
count++;
if (count == 1) {
sb.append("\n");
}
sb.append(ace).append("\n");
}
if (count == 0) {
sb.append("no ACEs; ");
}
sb.append("inheriting: ").append(this.entriesInheriting).append("; ");
sb.append("parent: ").append(
(this.parentAcl == null) ? "Null" : this.parentAcl.getObjectIdentity()
.toString());
sb.append("; ");
sb.append("aclAuthorizationStrategy: ").append(this.aclAuthorizationStrategy)
.append("; ");
sb.append("permissionGrantingStrategy: ").append(this.permissionGrantingStrategy);
sb.append("]");
return sb.toString();
}代码示例来源:origin: apache/kylin
public Object generateAllAceResponses(Acl acl) {
List<AccessEntryResponse> result = new ArrayList<AccessEntryResponse>();
while (acl != null) {
for (AccessControlEntry ace : acl.getEntries()) {
result.add(new AccessEntryResponse(ace.getId(), ace.getSid(), ace.getPermission(), ace.isGranting()));
}
acl = acl.getParentAcl();
}
return result;
}代码示例来源:origin: spring-projects/spring-security
if (acl.isSidLoaded(sids)) {
result.put(acl.getObjectIdentity(), acl);
aclFound = true;代码示例来源:origin: spring-projects/spring-security
if (currentUser.equals(acl.getOwner())
&& ((changeType == CHANGE_GENERAL) || (changeType == CHANGE_OWNERSHIP))) {
return;
if (acl.isGranted(Arrays.asList(BasePermission.ADMINISTRATION), sids, false)) {
return;代码示例来源:origin: codeabovelab/haven-platform
public Builder from(Acl aclData) {
if(aclData instanceof MutableAcl) {
this.setId((Long)((MutableAcl) aclData).getId());
}
final List<AccessControlEntry> srcEntries = aclData.getEntries();
if(srcEntries != null) {
final int size = srcEntries.size();
final List<AceData> aceDatas = new ArrayList<>(size);
for(int i = 0; i < size; ++i) {
AccessControlEntry entry = srcEntries.get(i);
AceData aceData = AceDataImpl.builder().from(entry).build();
aceDatas.add(aceData);
}
this.setEntries(aceDatas);
}
this.setObjectIdentity(aclData.getObjectIdentity());
this.setOwner(aclData.getOwner());
Acl parentAcl = aclData.getParentAcl();
if(parentAcl != null) {
this.setParentAclData(AclDataImpl.builder().from(parentAcl).build());
}
this.setEntriesInheriting(aclData.isEntriesInheriting());
return this;
}代码示例来源:origin: codeabovelab/haven-platform
Assert.notNull(userDetailsService, "userDetailsService is null");
final Sid ownerSid = acl.getOwner();
final String ownerTenantId = getTenantFromSid(ownerSid);
if(ownerTenantId == MultiTenancySupport.NO_TENANT) {
throw new RuntimeException("Can not retrieve tenant from acl owner: acl.objectIdentity=" + acl.getObjectIdentity().getIdentifier());
final List<AccessControlEntry> aces = acl.getEntries();
pgc.setHasAces(!aces.isEmpty());代码示例来源:origin: apache/kylin
private List<Sid> getAllSids(String project) {
List<Sid> allSids = new ArrayList<>();
ProjectInstance prj = projectService.getProjectManager().getProject(project);
AclEntity ae = accessService.getAclEntity("ProjectInstance", prj.getUuid());
Acl acl = accessService.getAcl(ae);
if (acl != null && acl.getEntries() != null) {
for (AccessControlEntry ace : acl.getEntries()) {
allSids.add(ace.getSid());
}
}
return allSids;
}代码示例来源:origin: spring-projects/spring-security
assertThat(childAcl.getParentAcl().getObjectIdentity()).isEqualTo(getMiddleParentOid());代码示例来源:origin: apache/servicemix-bundles
if (currentUser.equals(acl.getOwner())
&& ((changeType == CHANGE_GENERAL) || (changeType == CHANGE_OWNERSHIP))) {
return;
if (acl.isGranted(Arrays.asList(BasePermission.ADMINISTRATION), sids, false)) {
return;代码示例来源:origin: apache/kylin
public List<String> getAllAclSids(Acl acl, String type) {
if (null == acl) {
return Collections.emptyList();
}
List<String> result = new ArrayList<>();
for (AccessControlEntry ace : acl.getEntries()) {
String name = null;
if (type.equalsIgnoreCase(MetadataConstants.TYPE_USER) && ace.getSid() instanceof PrincipalSid) {
name = ((PrincipalSid) ace.getSid()).getPrincipal();
}
if (type.equalsIgnoreCase(MetadataConstants.TYPE_GROUP) && ace.getSid() instanceof GrantedAuthoritySid) {
name = ((GrantedAuthoritySid) ace.getSid()).getGrantedAuthority();
}
if (!StringUtils.isBlank(name)) {
result.add(name);
}
}
return result;
}代码示例来源:origin: apache/servicemix-bundles
if (acl.isSidLoaded(sids)) {
result.put(acl.getObjectIdentity(), acl);
aclFound = true;代码示例来源:origin: spring-projects/spring-security
protected boolean hasPermission(Authentication authentication, Object domainObject) {
// Obtain the OID applicable to the domain object
ObjectIdentity objectIdentity = objectIdentityRetrievalStrategy
.getObjectIdentity(domainObject);
// Obtain the SIDs applicable to the principal
List<Sid> sids = sidRetrievalStrategy.getSids(authentication);
try {
// Lookup only ACLs for SIDs we're interested in
Acl acl = aclService.readAclById(objectIdentity, sids);
return acl.isGranted(requirePermission, sids, false);
}
catch (NotFoundException ignore) {
return false;
}
}代码示例来源:origin: org.molgenis/molgenis-security
public boolean isGranted(
Acl acl, List<Permission> permission, List<Sid> sids, boolean administrativeMode) {
final List<AccessControlEntry> aces = acl.getEntries();
if (acl.isEntriesInheriting() && (acl.getParentAcl() != null)) {
return acl.getParentAcl().isGranted(permission, sids, false);
} else {代码示例来源:origin: spring-projects/spring-security
resultMap.put(result.getObjectIdentity(), result);代码示例来源:origin: apache/kylin
public List<AccessEntryResponse> generateAceResponsesByFuzzMatching(Acl acl, String nameSeg,
boolean isCaseSensitive) {
if (null == acl) {
return Collections.emptyList();
}
List<AccessEntryResponse> result = new ArrayList<AccessEntryResponse>();
for (AccessControlEntry ace : acl.getEntries()) {
if (nameSeg != null && !needAdd(nameSeg, isCaseSensitive, getName(ace.getSid()))) {
continue;
}
result.add(new AccessEntryResponse(ace.getId(), ace.getSid(), ace.getPermission(), ace.isGranting()));
}
return result;
}代码示例来源:origin: spring-projects/spring-security
if (acl.isGranted(requirePermission, sids, false)) {
if (logger.isDebugEnabled()) {
logger.debug("Voting to grant access");代码示例来源:origin: apache/servicemix-bundles
boolean administrativeMode) throws NotFoundException {
final List<AccessControlEntry> aces = acl.getEntries();
if (acl.isEntriesInheriting() && (acl.getParentAcl() != null)) {
return acl.getParentAcl().isGranted(permission, sids, false);代码示例来源:origin: spring-projects/spring-security
@Test
public void testAllParentsAreRetrievedWhenChildIsLoaded() throws Exception {
String query = "INSERT INTO acl_object_identity(ID,OBJECT_ID_CLASS,OBJECT_ID_IDENTITY,PARENT_OBJECT,OWNER_SID,ENTRIES_INHERITING) VALUES (6,2,103,1,1,1);";
getJdbcTemplate().execute(query);
ObjectIdentity topParentOid = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(100));
ObjectIdentity middleParentOid = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(101));
ObjectIdentity childOid = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(102));
ObjectIdentity middleParent2Oid = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(103));
// Retrieve the child
Map<ObjectIdentity, Acl> map = this.strategy.readAclsById(Arrays.asList(childOid), null);
// Check that the child and all its parents were retrieved
assertThat(map.get(childOid)).isNotNull();
assertThat(map.get(childOid).getObjectIdentity()).isEqualTo(childOid);
assertThat(map.get(middleParentOid)).isNotNull();
assertThat(map.get(middleParentOid).getObjectIdentity()).isEqualTo(middleParentOid);
assertThat(map.get(topParentOid)).isNotNull();
assertThat(map.get(topParentOid).getObjectIdentity()).isEqualTo(topParentOid);
// The second parent shouldn't have been retrieved
assertThat(map.get(middleParent2Oid)).isNull();
}内容来源于网络,如有侵权,请联系作者删除!
